package com.glorious.security.core.userdetails.user;

import com.glorious.api.AppUserFeignClient;
import com.glorious.common.Result;
import com.glorious.common.ResultCode;
import com.glorious.dto.response.appuser.AppUserAuthResponse;
import com.glorious.enums.AuthenticationMethodEnum;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

/**
 * 小程序用户认证服务
 */
@Service("appUserDetailsService")
@RequiredArgsConstructor
public class AppUserDetailsServiceImpl implements UserDetailsService {

    private final AppUserFeignClient appUserFeignClient;

    @Override
    public UserDetails loadUserByUsername(String username) {
        return null;
    }

    /**
     * 手机号码认证方式
     *
     * @param mobile
     * @return
     */
    public UserDetails loadUserByMobile(String mobile) {
        AppUserDetails userDetails = null;
        Result<AppUserAuthResponse> result = appUserFeignClient.loadUserByMobile(mobile);
        if (Result.isSuccess(result)) {
            AppUserAuthResponse userResponse = result.getData();
            if (null != userResponse) {
                userDetails = new AppUserDetails(userResponse);
                userDetails.setUsername(userResponse.getMobile());
                userDetails.setAuthenticationMethod(AuthenticationMethodEnum.MOBILE.getValue());   // 认证方式：mobile
            }
        }
        if (userDetails == null) {
            throw new UsernameNotFoundException(ResultCode.USER_NOT_EXIST.getMsg());
        } else if (!userDetails.isEnabled()) {
            throw new DisabledException("该账户已被禁用!");
        } else if (!userDetails.isAccountNonLocked()) {
            throw new LockedException("该账号已被锁定!");
        } else if (!userDetails.isAccountNonExpired()) {
            throw new AccountExpiredException("该账号已过期!");
        }
        return userDetails;
    }

    /**
     * openid 认证方式
     *
     * @param openId
     * @return
     */
    public UserDetails loadUserByOpenId(String openId) {
        AppUserDetails userDetails = null;
        Result<AppUserAuthResponse> result = appUserFeignClient.loadUserByOpenId(openId);
        if (Result.isSuccess(result)) {
            AppUserAuthResponse userResponse = result.getData();
            if (null != userResponse) {
                userDetails = new AppUserDetails(userResponse);
                userDetails.setUsername(userResponse.getOpenId());
                userDetails.setAuthenticationMethod(AuthenticationMethodEnum.OPENID.getValue());   // 认证方式：OpenId
            }
        }
        if (userDetails == null) {
            throw new UsernameNotFoundException(ResultCode.USER_NOT_EXIST.getMsg());
        } else if (!userDetails.isEnabled()) {
            throw new DisabledException("该账户已被禁用!");
        } else if (!userDetails.isAccountNonLocked()) {
            throw new LockedException("该账号已被锁定!");
        } else if (!userDetails.isAccountNonExpired()) {
            throw new AccountExpiredException("该账号已过期!");
        }
        return userDetails;
    }
}
